PHP Change Password script using mysql [duplicate]

  change-password, forms, php, validation

New to all this so forgive my ignorance. I am trying to figure out how to change a "Change Your Password" field to my form. Using PHP and MySQL. I work on this a little bit and I want to share for you people that you help me to resolve my error. So first of all I show my error then I will explain it.

Warning: Undefined variable $old_password in C:xampphtdocsuploadimgfunctions.php on line 207

the html code is as following

<form>
  <div class="row">
  <div class="col-12 col-sm-12 mb-12">
  <div class="mb-2"><b>Change Password</b></div>
  <div class="row">
  <div class="col">
  <div class="form-group">
  <label>Current Password</label>
  <input class="form-control" type="password"  name="old_password" value="<?php echo @$old_password ? 
  >" placeholder="••••••">
   </div>
   </div>
   </div>
   <div class="row">
    <div class="col">
    <div class="form-group">
    <label>New Password</label>
     <input class="form-control" type="password" name="password" value="<?php echo @$password ?>" 
     placeholder="••••••">
     </div>
      </div>
      </div>
      <div class="row">
      <div class="col">
      <div class="form-group">
      <label>Confirm <span class="d-none d-xl-inline">Password</span></label>
      <input class="form-control" type="password" name="confirm_pwd" value="<?php echo @$confirm_pwd 
       ?>" placeholder="••••••">
      </div>
      </div>
      </div>
      </div>
      </div>
      <div class="row">
      <div class="col d-flex justify-content-end">
       <button class="btn btn-primary" type="submit" name="profilesubmit">Save Changes</button>
       </div>
       </div>
       </form>

this is my php coding and the name of file is function.php

<?php
 if(isset($_POST['profilesubmit'])):
  extract($_POST);
  if($old_password!="" && $password!="" && $confirm_pwd!="") :
  $id = '1';// sesssion id
  $old_pwd=md5(mysqli_real_escape_string($db,$_POST['old_password']));
  $pwd=md5(mysqli_real_escape_string($db,$_POST['password']));
  $c_pwd=md5(mysqli_real_escape_string($db,$_POST['confirm_pwd']));
  if($pwd == $c_pwd) :
  if($pwd!=$old_pwd) :
  $sql="SELECT * FROM users WHERE id=$id AND password =$old_pwd";
  $db_check=$db->query($sql);
  $count=mysqli_num_rows($db_check);
  if($count==1) :
  $fetch=$db->query("UPDATE users SET password = $pwd WHERE id=$id");
  $old_password=''; $password =''; $confirm_pwd = '';
  $msg_sucess = "Your new password update successfully.";
  else:
  $error = "The password you gave is incorrect.";
  endif;
  else :
  $error = "Old password new password same Please try again.";
  endif;
  else:
  $error = "New password and confirm password do not matched";
  endif;
  else :
  $error = "Please fil all the fields";
  endif;   
  endif;
  ?>

Source: Ask PHP

LEAVE A COMMENT